package win.liumian.sso.server.controller;

import com.alibaba.fastjson.JSONObject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.util.ObjectUtils;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.*;
import win.liumian.sso.server.dao.po.Client;
import win.liumian.sso.server.dao.po.User;
import win.liumian.sso.server.po.ResponsePo;
import win.liumian.sso.server.service.TicketService;
import win.liumian.sso.server.service.UserService;

import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import static win.liumian.sso.server.util.Constants.*;

/**
 * @author liumian
 */
@Controller
public class UserController {

    @Autowired
    private UserService userService;

    @Autowired
    private TicketService ticketService;

    @RequestMapping(value = "login", method = RequestMethod.POST)
    @ResponseBody
    public ResponsePo login(@RequestBody JSONObject requestBody,
                            @RequestParam(value = REDIRECT_URL, required = false) String redirectUrl,
                            @RequestParam(value = CLIENT_ID, required = false) String clientId,
                            HttpServletResponse response) {

        Client client = ticketService.getClient(clientId);

        String password = requestBody.getString("password");
        String username = requestBody.getString("username");

        User user = userService.getUserBy(username);

        JSONObject responseData = new JSONObject();
        if (!ObjectUtils.isEmpty(client) && !ObjectUtils.isEmpty(user) && user.getPassword().equals(password)) {
            responseData.put("isLogin", true);
            String ssoTicket = ticketService.newLoginTicket(user, clientId);
            Cookie cookie = new Cookie(SSO_TICKET, ssoTicket);
            cookie.setMaxAge(60 * 60 * 3);
            response.addCookie(cookie);
            responseData.put(REDIRECT_URL, StringUtils.isEmpty(redirectUrl) ? DEFAULT_REDIRECT_URL : redirectUrl);
            responseData.put(SSO_TICKET, ssoTicket);
        } else {
            responseData.put("isLogin", false);
        }

        ResponsePo responsePo = new ResponsePo(true, "ok", responseData);

        //1. 生成登录凭证
        //2. 将登录凭证传递到客户端
        //3. 重定向到客户端

        return responsePo;
    }


    @RequestMapping(value = "logout", method = RequestMethod.GET)
    public String logout(@CookieValue(value = SSO_TICKET, required = false) String ssoTicket,
                         HttpServletRequest request) {

        //直接注销登录凭证
        if (!StringUtils.isEmpty(ssoTicket)) {
            ticketService.deleteTicket(ssoTicket);
        }
        String referer = request.getHeader("Referer");
        if (StringUtils.isEmpty(referer)) {
            return "redirect:" + DEFAULT_REDIRECT_URL;
        } else {
            return "redirect:" + referer;
        }
    }


    @RequestMapping("register")
    public ResponsePo register(@RequestBody JSONObject requestBody) {

        String username = requestBody.getString("username");
        String password = requestBody.getString("password");

        User user = userService.registerUser(username, password);

        JSONObject data = new JSONObject();
        data.put("register", true);
        return new ResponsePo(true, "ok", data);
    }

}
